问题:多选题Which three parameters are configured in the IKE policy?() (Choose three.)AmodeBpreshared keyCexternal interfaceDsecurity proposalsEdead peer detection settings
查看答案
问题:单选题Click the Exhibit button. In the exhibit, which statement is correct? ()AThree physical interfaces are redundant.BYou must define an additional Redundancy Group.Cnode 0 will immediately become primary in the cluster.DYou must issue an operational command and reboot the system for the above configuration to take effect.
问题:单选题A traditional router is better suited than a firewall device for which function? ()A VPN establishmentB packet-based forwardingC stateful packet processingD network address translation
问题:多选题On which three traffic types does firewall pass-through authentication work? ()(Choose three.)ApingBFTPCTelnetDHTTPEHTTPS
问题:单选题Based on the configuration shown in the exhibit, what will happen to the traffic matching the security policy?()AThe traffic is permitted through the myTunnel IPSec tunnel only on Tuesdays.BThe traffic is permitted through the myTunnel IPSec tunnel daily, with the exception of Mondays.CThe traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.DThe traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am.
问题:单选题You are not able to telnet to the interface IP of your JUNOS software with enhanced services devicefrom a PC on the same subnet. What is causing the problem? ()A Telnet is not being permitted by self policy.B Telnet is not being permitted by security policy.C Telnet is not allowed because it is not considered secure.D Telnet is not enabled as a host-inbound service on the zone.
问题:多选题In JUNOS software with enhanced services, which three packet elements are inspected to determineif a session already exists? ()(Choose three.)AIP protocolBIP time-to-liveCsource and destination IP addressDsource and destination MAC addressEsource and destination TCP/UDP port
问题:多选题Click the Exhibit button. host_a is in subnet_a and host_b is in subnet_b. Given the configuration shown in the exhibit, which statement is true about traffic from host_a to host_b?()ADNS traffic is denied.BTelnet traffic is denied.CSMTP traffic is denied.DPing traffic is permitted.
问题:单选题Which statement is true about interface-based static NAT? ()A It also supports PAT.B It requires you to configure address entries in the junos-nat zone.C It requires you to configure address entries in the junos-global zone.D The IP addresses being translated must be in the same subnet as the incoming interface.
问题:单选题Interface ge-0/0/2.0 of your router is attached to the Internet and is configured with an IP address and network mask of 71.33.252.17/24. A host with IP address 10.20.20.1 is running an HTTP service on TCP port 8080. This host isattached to the ge-0/0/0.0 interface of your router. You must use interface-based static NAT to make the HTTP service on the host reachable from the Internet. On which IP address and TCP port can Internet hosts reach the HTTP service?()A IP address 10.10.10.1 and TCP port 8080B IP address 71.33.252.17 and TCP port 80C IP address 71.33.251.19 and TCP port 80D IP address 71.33.252.19 and TCP port 8080
问题:多选题Which two statements regarding asymmetric key encryption are true?() (Choose two.)AThe same key is used for encryption and decryption.BIt is commonly used to create digital certificate signatures.CIt uses two keys: one for encryption and a different key for decryption.DAn attacker can decrypt data if the attacker captures the key used for encryption.
问题:单选题Which parameters must you select when configuring operating system probes SCREEN options?()A syn-fin, syn-flood, and tcp-no-fragB syn-fin, port-scan, and tcp-no-flagC syn-fin, fin-no-ack, and tcp-no-fragD syn-fin, syn-ack-ack-proxy, and tcp-no-frag
问题:多选题Which two are components of the enhanced services software architecture?() (Choose two.)ALinux kernelBrouting protocol daemonCsession-based forwarding moduleDseparate routing and security planes
问题:单选题Host A opens a Telnet connection to Host B. Host A then opens another Telnet connection to Host B. These connections are the only communication between Host A and Host B. The security policy configuration permits both connections. How many flows exist between Host A and Host B? ()A 1B 2C 3D 4
问题:单选题Click the Exhibit button. Which type of source NAT is configured in the exhibit?()Astatic source poolBinterface source poolCsource pool with PATDsouce pool without PAT